It is complicated. He says true. And maybe your need to use GrapheneOS is relevant. If you have a smartphone without cellular connection, for a daily usage, FMPOV it is a non-sense in case of emergency. It is a risk you will have to take, I can’t disagree your dad. And what about your solution but with a SIM card with very few data and SMS available, through a SIM card you can keep aside your phone and insert when needed?
22
AOSP isn't dead, but Google just landed a huge blow to custom ROM developers
(www.androidauthority.com)
Did you have a look on ethical licenses? For example, Coraline Ada Hemke who created the Contributor Covenant (famous code of conduct) started few years ago the Organisation for Ethical Source promoting “ethical” licenses defined by seven principles.
So in fact this third family of licenses is not open source nor free (as defined by OSI and FSF), nevertheless I feel some needs or willings in your side to go, let’s say, “one step further”.
In ethical licenses you can find for example 999 ICU, ACAB, Anti-Capitalist, Peer Production, Hippocratic or some BSD 3-Clause variants about nuclear topics.
You can also have a look on that slidedeck (in French, sorry).
Anticipate technical debt and follow what Google recommends. In few words, use Kotlin and Compose.
However you should really have a look on Google guidelines. In more worlds:
- by default Kotlin and Compose
- if some logic to share between other projects in other environments: Kotlin Multi Platform (KMP)
- if shared UI: Flutter (but Google reduced Flutter teams and KMP is being better and better, so we can suppose Flutter will join the Google Graveyard
I do not know if the solutions I listed below are open source ; however as an open source contributor I am used to work with some tools depending to choice of the projects:
About credits, I don’t think these tools exposes in some automated way the contributors identities. However, nothing prevents you to use these web UI tools to find who contributed and list people for example in your CONTRIBUTORS files. Another way could be to edit the automated commits these tools submit to your Git repos by adding credits to the translators (with for example Co-authored-by field).
Did you have a look on Cake Wallet app? Open source under MIT license and available on F-Droid.
An app? Nope. For notifications, there is open source alternatives to Google and Apple services but it is used in the apps side, not users side. Have a look on microG and Open GApps to flash in your Android device; it might help you.
It seems the “radical” organisations like the FSF or the OES were right and more legitimate in the end.
If you are worried about your privacy, yes, you must get rid of Google Play Services. However a majors part of your apps may be broken as too much rely on this services and only in those services.
If you want apps to based on this layer of Google mess, have a look on some open spruce alternatives of your favorite apps. Maybe some of them won’t embed Google Play Services. But keep in mind you may lose some features like notifications from Google devices or fine tunes location.
You can have a look on microG or Open GApps for alternatives. However you may need to hack your device to flash them.
What you can do, for example:
- check if you can flash alternatives (possible to root and before unlock the boot loader)
- maybe check if you can flash another ROM ; projects list the compatible devices. Have a look on LineageOS, GrapheneOS or also /e/OS
Yep, it seems it is, but it can manage KDBX files. Just wanted to share 😄
Edit: sorry, didn’t see this thread is in Android community, my comment is not relevant for this platform.
You can use also for example Strongbox (https://github.com/strongbox-password-safe)
Edit: sorry, didn’t see this thread is in Android community, my comment is not relevant for this platform. For Android I am used to Keepass2Android (https://github.com/PhilippC/keepass2android). Simple, still maintained, under libre licence GPL 3.0.
It is always the same issues in fact. You should consider your threat model before all. Then, consider the Signal app, then your iPhone supposed to be updated, trusted, with ADP enabled, biometric lock with erasure after 10 failures, etc. Then consider your ISP, then your country. Etc, etc. You should also compare the contexts. Is an iPhone “better” than a low or middle ranges Android-powered smartphones? For sure, yes. Is it better than high-range expansive smartphones with Android ? Or Pixel ones? Not that sure. And compared to GrapheneOS or /e/? Pretty sure not that much. You can also compare messaging solutions. Is Signal better than WhatApp? Of course yes. But what about XMPP and Matrix for example?
And what are your use cases? Remember your threat model. If you are an activist, a journalist or a whistleblower your needs may be different than a “commons citizen worried about its privacy.
In few words, the only pain point I see is the fact than iOS is proprietary and runs non libre source code and Apple devices than APN. But Android devices are not so much different. It does not mean the solution is not private or efficient, if we succeed in defining a definition of “private or efficient”.
In a nutshell, it could be considered as good. But not perfect.
view more: next ›
So abandon open source and move to “post open source” or ethical source might be a (sad) solution.